Public warned of cyber attacks

Trouble at computer

%VIRTUAL-SkimlinksPromo%The UK has a "two-week period" to protect itself from a major computer virus that could give hackers access to sensitive information - costing the country millions of pounds, the National Crime Agency has said.

In a statement on the agency website, internet users have been encouraged to "protect themselves against powerful malicious software" by checking that their anti-virus software is up-to-date, and running scans to ensure that all applications are running correctly.
The move comes after the FBI in the US was successful in disrupting a hacking network, making security updates by users particularly effective in the short term.

The viruses in question are known as GOZeuS and CryptoLocker, with the first hiding within attachments in emails that when open give computer access to hackers, who use the software to scan devices for valuable information.

CryptoLocker is a secondary threat that activates if no valuable data is found, and this malware locks the computer, demanding a ransom to grant access again.

Lamar Bailey, director of security research and development at software company Tripwire, said: "The design of these malware packages make it nearly impossible to completely wipe out, but a coordinated attack can cause damage.

"While these organisations are attacking the command and control severs, countries are rolling out a massive consumer education programme to help clean up infected systems and reduce the number of vulnerable systems available for infection.

"The plan is to attack the parasite hard for two weeks while removing as many viable hosts as possible at the same time so that propagation targets will be limited after the attacks subside.

"This will not eliminate the malware but could in theory make it much harder for the operators to use and could cause massive financial loss for them."

UK-based internet awareness group Get Safe Online also posted on its own website, asking users to pay attention to the advice and take advantage of this event to improve their security. The group has posted advice on monitoring potentially malicious email, as well as links to free anti-virus software.

"This warning is not intended to cause you panic but we cannot over-stress the importance of taking these steps immediately," said Get Safe Online in a statement.

"This is because the UK's National Crime Agency has taken temporary control of the communications used to connect with infected computers, but expects only a very limited window of opportunity to ensure you are protected."

The web has been the victim of several serious security breaches in recent months, with the effects of the Heartbleed bug still being felt.

The bug took advantage of a flaw in the OpenSSL software that is designed to encrypt and protect data as it is exchanged online. Several websites, including parental advice site Mumsnet, were hacked as a result of the flaw.

Andy Archibald, Deputy Director of the NCA's National Cyber Crime Unit, said: "Nobody wants their personal financial details, business information or photographs of loved ones to be stolen or held to ransom by criminals. By making use of this two-week window, huge numbers of people in the UK can stop that from happening to them.

"Whether you find online security complicated or confusing, or simply haven't thought about keeping your personal or office computers safe for a while, now is the time to take action.

"Our message is simple: update your operating system and make this a regular occurrence, update your security software and use it and, think twice before clicking on links or attachments in unsolicited emails."

"Those committing cyber crime impacting the UK are often highly-skilled and operating from abroad. To respond to this threat, the NCA is working closely with law enforcement colleagues all over the world, and developing important relationships with the private sector."

The biggest scams of 2013
See Gallery
Public warned of cyber attacks
First Direct found that the most common type of fraud was the 'fake email', which makes up 53% of all scams. This is also known as phishing, and involves the fraudsters contacting you, requesting personal information like passwords and PINs.

They use all kinds of methods to persuade you to reveal your details: from pretending to be your bank, to pretending to be the taxman. Earlier this year HMRC warned people to watch out for scam emails promising tax credit refunds in return for account details - timed to coincide with a major advertising campaign to remind people to renew their tax credits.
This is an old and established scam, but is the second most prevalent in the UK this year. It involves someone getting in contact with a sob story, and asking for a sum of money in return for paying you a larger sum. If you pay up you may get requests for more cash but you will never receive a payout.

This year the horrible twist on the scam was that the gangs pretended to be a victim of the war in Syria, in desperate need of money and able to pay you from money he has hidden overseas, once you give him enough money to escape the country.
This is a new take on phishing, which Financial Fraud Action warned about in August. They said victims receive a cold call asking for personal or financial information. Some 39% of all people targeted by these calls said they found it difficult to tell if the person was genuinely from their bank or whether it was a scam. First Direct says this is the third most prevalent type of scam.
Duplicating your bank cards made up 14% of fraud this year. Old-fashioned card scams are actually on the rise this year. The experts say that the introduction of chip and PIN means 'crude scams' are back in vogue, where criminals distract people in shops and bars, or shoulder surf at cash machines and then steal customers' cards without them noticing.
These also make up 14% of all scams. You receive an email telling you that you have won a lottery. All you have to do is get in touch with the 'claims agent' who you'll need to pay a 'processing fee' or a 'transfer charge' to. These 'agents' are all criminals, who will just take your money and run.
We warned in November of a boom in phoney research calls. Boiler room operatives will call pretending to be university researchers looking into investor confidence. In fact, they are just trying to find out how best to exploit you: asking how much cash you have, your attitude to risk, and determining whether an appeal to greed would work.
Back in May we warned that you could receive a telephone call out of the blue from someone claiming to be from Microsoft. The scammers were using a variety of techniques to extract money from their victims. These included infecting computers with malware and charging to remove it, charging people a fortune for help they didn't want or need, or even just asking for their credit card details.

This is not a new type of scam. For years now different types of Trojan viruses have been embedded in various web pages and links. If you click on the page or link you're taken to malicious websites, which install a virus. The virus then quietly sits on your computer, stealing passwords and account details until it has enough details to empty your bank accounts.

This scam took two very popular forms this year. The first was a link sent in an email pretending to be from Facebook, and inviting you to click the link. When you did, it would install the virus and then send the link to your Facebook friends.

The other form was a page with a fake YouTube video in the background, which claimed to show Rita Ora's famous wardrobe malfunction. However, the site prompts you to enter your Facebook details, so you can see the video and 'personalise your experience'. The criminals then have access to your Facebook account.

As the jobs market continues to be tight, the job offer scam is still a real risk. Financial Fraud Action issued a warning about fake online job offers, that could turn innocent job hunters into unwitting money launderers.

The jobs offered are called things like "payment processing agents" or "administration assistants". They involve the payment of the proceeds of crimes into your bank account. You then pay the cash into an overseas account, effectively hiding the money and laundering it for criminals. In return you receive a share of the money. This is a criminal act.
These reached a peak this year after One Direction collected their Brit award (pictured) and announced a World Tour - and demand for the tickets exploded. The scammers set up fake sites offering tickets to sold-out gigs. Desperate fans trawling the net would stumble across them and take a risk. They handed over hundreds of pounds, the criminals took the money, shut the website, and ran.

Read Full Story